Cyber Defense Magazine

Hong Kong Based Servers Deploying Infected Angry Birds

Hong Kong Based Servers Deploying Infected Angry Birds

January 31
17:13 2013

SMS Botnet takes over Android Phones in Asia

The Hong Kong Police have admitted that a new SMS botnet has been included in the Androids versions of Angry Birds Satar Wars and Need for Speed Most Wanted, among others as research continues.HK Based Servers

Here’s how the malware operates:

1)    User installs the free version of the game on their smartphone.

2)    The infected version of the game starts sending out thousands of spam SMS messages to a list of phone numbers obtained by the malware, from a command and control server.

3)    These SMS messages include links to the same malicious apps, as well.

4)    Spreading like wildfire from SMS, the cybercriminal botnet grew nearly exponentially – overnight.

The Hong Kong Police confirm that the malware communicates about once every minute to grab another fifty phone numbers, over standard HTTP protocol, then it sends a message to each of these numbers, with a 1.3 second delay after sending each message.

If you don’t have an unlimited SMS messaging plan and you are a victim, you’ll find your phone bill to be significant.  Android users are advised to beware of suspicious applications, especially if they are advertised via unsolicited messages.

(Sources: CDM and Hong Kong Police)

Related Articles